Azure Active Directory Overview
- The core of Azure AD is a directory of users. Each user has an identity thats comprised of User Id, Password and other properties
- Users also have one or more directory roles assigned to them
- User id & password are used to authenticate the user and roles are used for authorization the user
- Two other entitities are available in Azure AD
- Service Principal: Represents an Application in Azure AD
- Managed Identity: This is a special kind of service principal that can only be use with Azure Resources
- When you sign up for Azure subscription, an Azure AD resource is automatically created and it’s used to control access to Azure Resources you create under this subscription
- Navigate to Azure Portal Refer Here
- Navigate to Azure Active Directory from All Services -> Azure Active Directory
- We can create, view or manage user
- Now navigate to azure portal from a differnt browser and user should be
username@primarydomain
- After creating the user we will be able to authenticate, but for the user to perform opeartions we need to create the right role assignments
- With Azure AD
- We can integrate with Enterprise Applications
- We can Enable Multifactor Authentication
- Single Sign on
- On-Premises AD Integration
